The days of cybercriminals using spoofed logos and lookalike email addresses to trick unsuspecting users into falling for phishing scams (opens in new tab) could soon be over as Google is adding a new security feature to Gmail (opens in new tab) to make it harder to impersonate brands over email.
While the search giant announced last year that it would begin its Brand Indicators for Message Identification (BIMI (opens in new tab)) pilot, in a new blog post (opens in new tab) the company has said that it will begin rolling out BIMI support in Gmail over the coming weeks.
- We've compiled a list of the best email services (opens in new tab) available
- These are the best email clients (opens in new tab) on the market
- Also check out our roundup of the best email hosting (opens in new tab)
For those unfamiliar, BIMI is an industry standard that aims to drive adoption of strong sender authentication for the entire email (opens in new tab) ecosystem. It does this by providing email recipients as well as email security systems with increased confidence in the source of emails to prevent impersonation attempts.
As part of Google's rollout of BIMI in Gmail, organizations that authenticate their emails using DMARC (opens in new tab) will be able to validate ownership of their corporate logos and securely transmit them to Google. Once these authenticated emails pass Google's anti-abuse checks, Gmail will begin displaying an organization's logo in the service's avatar slot so that users know these emails come directly from a company and not from someone impersonating them.
According to Google, BIMI is designed to be easy for organizations with DMARC already in place and once configured, validated logos will be displayed on emails from both their domains (opens in new tab) and subdomains.
Chair of the AuthIndicators Working Group, Seth Blank praised Google's support of BIMI in Gmail, saying:
“Gmail's support of BIMI is a win for email authentication, brand trust, and consumers alike. BIMI gives organizations the opportunity to provide their customers with a more immersive email experience, strengthening email sender authentication across the entire email ecosystem.”
In order to take advantage of BIMI, Organizations will first need to adopt DMARC before having their logo validated with Verified Mark Certificate (VMC). Gmail users on the other hand won't have to do a thing and they'll soon see company logos alongside their emails once BIMI support rolls out in the coming weeks.
- We've also highlighted the best antivirus (opens in new tab)